🔥 3-day streak
CompTIA PenTest+ (PT0-003)93 / 175
Question 93 of 175
A client contracts a penetration testing firm to assess a customer-facing web application built on a modern JavaScript framework with a REST API backend. The client's primary concern is coverage of application-layer vulnerabilities such as injection, broken authentication, and business logic flaws. The lead tester must select a methodology that provides a structured, repeatable framework specifically tailored to web application security testing so the engagement can be defended as thorough and standards-aligned. Which methodology should the tester adopt as the primary framework for this assessment?
Reviewed for accuracy · Report an issueNext question